Security monitoring firms have reported a significant exploit targeting Gondi, a prominent NFT liquidity and lending platform operating on the Ethereum blockchain. On March 9, 2026, analysts from GoPlus Security identified an unauthorized intrusion that resulted in the theft of multiple high-value non-fungible tokens. Preliminary estimates indicate that the total financial impact of the breach is approximately $450,000 USD.
Details of the Exploit and Asset Losses
The attack specifically targeted the platform's smart contract infrastructure, allowing the perpetrator to bypass standard security protocols and drain assets from associated liquidity pools. The stolen items consist of various Ethereum-based NFTs, which were subsequently moved to external wallets for liquidation. Security researchers are currently tracing the movement of these funds across the decentralized finance (DeFi) ecosystem to identify the destination of the laundered assets.
Immediate Security Recommendations for Users
In response to the incident, security experts have identified a specific smart contract address involved in the vulnerability. Users who have interacted with the Gondi protocol are urged to perform the following actions:
- Check wallet permissions for the contract address: 0xc10472ac1bf9f2e58ff2c83596b4535334c90814.
- Immediately revoke all authorizations associated with this specific address to prevent further unauthorized access.
- Monitor connected wallets for any suspicious outgoing transactions or signature requests.
Revoking permissions is a critical step in on-chain security, as it terminates the ability of a smart contract to move assets from a user's private wallet.
While the investigation into the root cause of the vulnerability continues, the incident serves as a reminder of the inherent risks within NFT lending markets. Affected users should stay informed through official security channels for potential recovery updates. The broader Web3 community continues to emphasize the importance of regular audits and the use of hardware wallets to mitigate the impact of such protocol-level exploits.
Frequently Asked Questions
Quick answers to the most common questions about this topic.
For educational purposes only. Nothing here constitutes financial or investment advice. Crypto markets are highly volatile — always DYOR before making any decisions.
Fact-checked per our editorial policy. We maintain strict independence from advertisers. Spot an error? Let us know.